| Tweet Share Share Comment |
I have tendered my resignation to the GSA and the FICAM Program. It is an amicable parting which I initiated, and I am staying on until February 21, 2015 to help with the transition. I have not made up my mind on what to do next.
| Tweet Share Share Comment |
With the acceleration of the implementation of public service delivery platforms in both the U.S and elsewhere, my mission "... to help technical leaders make digital services secure and trustworthy" continues to remain relevant and is not going to change.
However, based on lessons learned over the last two years I want to try some new ways of delivering that information, so expect some tweaks and changes going forward.
| Tweet Share Share Comment |
First and foremost, Thank You! Thank you for your continued readership. Thank you for the diverse range of opinions and feedback you have provided on the blog, as well as the extremely positive feedback regarding my email only newRECENTLY newsletter.
Your feedback has helped me to shape the content and topics to better address your challenges in delivering secure and trustworthy digital services. I think you will find the content areas such as risk management, authentication, identity proofing and more, that I am building out, useful.
For this blog post, I ran the analytics to discover which posts you found interesting in 2014. Here are the top ten, in the order they were written.
| Tweet Share Share Comment |
The need for multiple factors of authentication in the current environment is something that many can agree on. But does that impact how we do web site authentication risk assessment? What other aspects of token and credential choice are impacted?
| Tweet Share Share Comment |
A classic and successful story telling pattern that persists across time and regions is the Monomyth, or the Hero's Journey. Unfortunately, when it comes to digital service deployments, many implementers believe that they are the Hero. Wrong!
| Tweet Share Share Comment |
Stand-alone attribute providers typically use a lookup key based scheme in order to return attributes associated with that key. But as we move to a more attribute-centric world, they will need to incorporate identity resolution as the first step in the attribute query flow in order to meet the needs of a wide range of customers.
| Tweet Share Share Comment |
The U.S. is finally moving to EMV compliant payment cards. Can these cards be used as multi-factor authentication tokens for electronic transactions outside the payment realm? What are the security and privacy implications? Who needs to buy into and be in the transaction loop to even consider this as a possibility?
|
Disclaimer: The opinions expressed here are my own and do not represent my employer’s view in any way. |
I am a digital security coach. I help technical leaders gain clarity and understanding on complex identity, information security and privacy practices, so they can enable secure, trustworthy digital services. More about me →
Copyright © 2015 Anil John
